Problem accessing server, IPSec

Home Forums Networking General Networking Problem accessing server, IPSec

This topic contains 8 replies, has 5 voices, and was last updated by Avatar sara 7 years, 8 months ago.

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #157721

    Hi guys!

    We have 2 Cyberoam firewall, connected with IPSec, which everything is working fine except one thing.

    Subnet 10.1.*.* can access all server (2003 or 2008 ) over the subnet 10.0.*.* , or ping. On the other side, it’s the same thing except 1 server, which is a 2008 and the only of the branch.

    I can’t ping the server, can’t access it. We have no firewall onthe server enabled, only NOD32, and when it’s disable, it doesn’t change anything.

    Any idea? I doubt it’s the firewall related (cyberoam) since I can ping or access all the other server, and there is no rule to block this.

    Thanks if anyone can help me.

    Christ

    Avatar
    Anonymous
    #372888

    Re: Problem accessing server, IPSec

    Not familiar with those devices, but have you checked the logs on the firewall?

    Avatar
    Anonymous
    #371324

    Re: Problem accessing server, IPSec

    Can the server at the other end ‘see’ anything at that end like user PCs, etc.? Assuming there’s a fixed IP and correct network mask, that server should at least be able to ping it’s own gateway. If not, it’s most likely the server networking (drivers, settings, cabling) or the switch/router port it’s plugged into.

    Avatar
    sara
    Member
    #375756

    Re: Problem accessing server, IPSec

    Hi.

    Thanks for your replies. Finally, I’ve been able to do a packet capture (Thanks for the CLI access). I found that the distant will ping, I can capture the packet on the other firewall, but it won’t reach the destination.

    The one not accessible doesn’t reach the firewall when pinging. I’ll need to look at that server, but GPO has been set to disable firewall for all computer and server. It use nod32 (no firewall). I’ll start by restarting the server first and see.

    Just to let you know, all server can see computer, and can ping except that server in 10.1.*.* . I can ping all local network, but not throught the IPSec, might be something in the firewall which hasn’t been disable..

    Avatar
    sara
    Member
    #375757

    Re: Problem accessing server, IPSec

    Okay, I’ve done some few test.

    It seems that this server doesn’T want anything from the IPSec, and it doesn’t want to let our Scan gun with Windows CE to access the share.

    We have a GPO firewall rule, which disable the firewall (controlled by a 2003 server). I don’t know if there could be a problem right there. I will Disable this rule, and force the server to update and see if it works.

    JeremyW
    JeremyW
    Moderator
    #270213

    Re: Problem accessing server, IPSec

    Can you check the subnet mask on the server you can’t access? Make sure it’s correct.

    Avatar
    sara
    Member
    #375758

    Re: Problem accessing server, IPSec

    I’ll check thanks!

    Edit:

    Rick has seems to get me somewhere I didn’t double check, and with Jeremy post, I have double checked, subnetmask was at 255.0.0.0 instead of 255.255.255.0. Arggg Why I never saw this. Thanks to the one who set this mask haha

    Well, now I just have the Windows CE that doesn’T connect to the share!

    JeremyW
    JeremyW
    Moderator
    #270217

    Re: Problem accessing server, IPSec

    Check the same thing on the Windows CE. When configuring a 10.x.x.x address the SNM defaults to a class A which would make the devices think everything is on the LAN and would try and send the traffic directly instead of to the gateway.

    Avatar
    sara
    Member
    #375759

    Re: Problem accessing server, IPSec

    Sorry for long delay xD, I didn’T had time working on the windows CE, the new building construction is done and I need to install new server for our second building haha!

    I’ll give a try and see on those windows CE, I’ll post back news about ti next week.

    Thanks!

Viewing 9 posts - 1 through 9 (of 9 total)

You must be logged in to reply to this topic.